traceroute with a specified destination TCP port: tcptraceroute mailserver 25 is equivalent to traceroute -T mailserver -p 25


tcptraceroute(1) – Linux man page

Name

tcptraceroute – A traceroute implementation using TCP packets

Synopsis

 

tcptraceroute [-nNFSAE] [ -i interface ] [ -f first ttl ]
[ -l length ] [ -q number of queries ] [ -t tos ]
[ -m max ttl ] [ -p source port ] [ -s source address ]
[ -w wait time ] host [ destination port ] [ length ]

Description

tcptraceroute is a traceroute implementation using TCP packets.

The more traditional traceroute(8) sends out either UDP or ICMP ECHO packets with a TTL of one, and increments the TTL until the destination has been reached. By printing the gateways that generate ICMP time exceeded messages along the way, it is able to determine the path packets are taking to reach the destination.

The problem is that with the widespread use of firewalls on the modern Internet, many of the packets that traceroute(8) sends out end up being filtered, making it impossible to completely trace the path to the destination. However, in many cases, these firewalls will permit inbound TCP packets to specific ports that hosts sitting behind the firewall are listening for connections on. By sending out TCP SYN packets instead of UDP or ICMP ECHO packets, tcptraceroute is able to bypass the most common firewall filters.

It is worth noting that tcptraceroute never completely establishes a TCP connection with the destination host. If the host is not listening for incoming connections, it will respond with an RST indicating that the port is closed. If the host instead responds with a SYN|ACK, the port is known to be open, and an RST is sent by the kernel tcptraceroute is running on to tear down the connection without completing the three-way handshake. This is the same half-open scanning technique that nmap(1) uses when passed the -sS flag.

Options

-n

Display numeric output, rather than doing a reverse DNS lookup for each hop. By default, reverse lookups are never attempted on RFC1918 address space, regardless of the -n flag.

-N

Perform a reverse DNS lookup for each hop, including RFC1918 addresses.

-f

Set the initial TTL used in the first outgoing packet. The default is 1.

-m

Set the maximum TTL used in outgoing packets. The default is 30.

-p

Use the specified local TCP port in outgoing packets. The default is to obtain a free port from the kernel using bind(2). Unlike with traditional traceroute(8), this number will not increase with each hop.

-s

Set the source address for outgoing packets. See also the -i flag.

-i

Use the specified interface for outgoing packets.

-q

Set the number of probes to be sent to each hop. The default is 3.

-w

Set the timeout, in seconds, to wait for a response for each probe. The default is 3.

-S

Set the TCP SYN flag in outgoing packets. This is the default, if neither -S nor -A is specified.

-A

Set the TCP ACK flag in outgoing packets. By doing so, it is possible to trace through stateless firewalls which permit outgoing TCP connections.

-E

Send ECN SYN packets, as described in RFC2481.

-t

Set the IP TOS (type of service) to be used in outgoing packets. The default is not to set any TOS.

-F

Set the IP “don’t fragment” bit in outgoing packets.

-l

Set the total packet length to be used in outgoing packets. If the length is greater than the minimum size required to assemble the necessary probe packet headers, this value is automatically increased.

-d

Enable debugging, which may or may not be useful.

--dnat

Enable DNAT detection, and display messages when DNAT transitions are observed. DNAT detection is based on the fact that some NAT devices, such as some Linux 2.4 kernels, do not correctly rewrite the IP address of the IP packets quoted in ICMP time-exceeded messages tcptraceroute solicits, revealing the destination IP address an outbound probe packet was NATed to. NAT devices which correctly rewrite the IP address quoted by ICMP messages, such as some Linux 2.6 kernels, will not be detected. For some target hosts, it may be necessary to use --dnat in conjunction with --track-port. See the examples.txt file for examples.

--no-dnat

Enable DNAT detection for the purposes of correctly identifying ICMP time-exceeded messages that match up with outbound probe packets, but do not display messages when a DNAT transition is observed. This is the default behavior.

--no-dnat-strict

Do not perform any DNAT detection whatsoever. No attempt will be made to match up ICMP time-exceeded messages with outbound probe packets, and when tracerouting through a NAT device which does not rewrite the IP addresses of the IP packets quoted in ICMP time-exceeded messages, some hops along the path may appear to be unresponsive. This option should not be needed in the vast majority of cases, but may be utilized if it is suspected that the DNAT detection code is misidentifying ICMP time-exceeded messages.
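The DNAT check described under --dnat, as an added example that is not part of the man page or of tcptraceroute's source: it parses the IP header quoted inside an ICMP time-exceeded message and compares its destination with the one the probe was sent to. The function names, the constructed sample packets and the matching rule (source address plus source port) are assumptions of this sketch.

```python
import socket
import struct

ICMP_TIME_EXCEEDED = 11
IPPROTO_TCP = 6

def ipv4_header(src, dst, ttl=1):
    """Constructed 20-byte IPv4 header for a TCP probe (checksum left at 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, ttl, IPPROTO_TCP, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def time_exceeded(quoted_ip, sport, dport, seq=0x1000):
    """Constructed ICMP type 11: 8-byte ICMP header, then the quoted IP header
    and the first 8 bytes of the probe's TCP header (ports + sequence number)."""
    icmp_hdr = struct.pack("!BBHI", ICMP_TIME_EXCEEDED, 0, 0, 0)
    return icmp_hdr + quoted_ip + struct.pack("!HHI", sport, dport, seq)

def parse_quote(icmp):
    """Return (src, dst, sport, dport) of the quoted TCP probe, or None."""
    if len(icmp) < 28 or icmp[0] != ICMP_TIME_EXCEEDED:
        return None
    q = icmp[8:]                      # skip the ICMP header
    ihl = (q[0] & 0x0F) * 4           # quoted IP header length in bytes
    if q[0] >> 4 != 4 or ihl < 20 or len(q) < ihl + 4 or q[9] != IPPROTO_TCP:
        return None
    sport, dport = struct.unpack("!HH", q[ihl:ihl + 4])
    return socket.inet_ntoa(q[12:16]), socket.inet_ntoa(q[16:20]), sport, dport

def classify(icmp, probe):
    """probe = (src, dst, sport, dport) as sent. Assumption of this sketch: the
    quote belongs to our probe if source address and source port match."""
    quote = parse_quote(icmp)
    if quote is None or quote[0] != probe[0] or quote[2] != probe[2]:
        return "no-match"
    if quote[1] == probe[1] and quote[3] == probe[3]:
        return "match"
    # Destination differs from what we sent: a NAT device rewrote the probe
    # and did not restore the address in the quoted header.
    return "dnat -> %s:%d" % (quote[1], quote[3])

if __name__ == "__main__":
    probe = ("192.0.2.10", "198.51.100.25", 40000, 25)   # constructed addresses
    plain = time_exceeded(ipv4_header(probe[0], probe[1]), 40000, 25)
    natted = time_exceeded(ipv4_header(probe[0], "10.0.0.25"), 40000, 25)
    print(classify(plain, probe))
    print(classify(natted, probe))
```

A strict matcher that required the quoted destination to equal the original one would report the second reply as unmatched, which is why a hop behind such a NAT device can appear unresponsive.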

Examples

Please see the examples.txt file included in the tcptraceroute distribution for a few real world examples.

To trace the path to a web server listening for connections on port 80:

tcptraceroute webserver

To trace the path to a mail server listening for connections on port 25:

tcptraceroute mailserver 25

Bugs

No error checking is performed on the source address specified by the -s flag, and it is therefore possible for tcptraceroute to send out TCP SYN packets to which it has no chance of seeing a response.

Author

Michael C. Toren <mct@toren.net>

Availability

For updates, please see:

http://michael.toren.net/code/tcptraceroute/

See Also

traceroute(8), ping(8), nmap(1)


Published by: 全栈程序员-用户IM. Please credit the source when reposting: https://javaforall.cn/151488.html Original link: https://javaforall.cn
